package com.springsecutity.secutity.config;

import com.springsecutity.secutity.service.CustomUserService;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MySecutityConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public UserDetailsService customUserService() {
        return new CustomUserService();
    }

    /**
     * 用于设置用户登录成功和失败的页面，设置cookie的有效时间，设置私密
     *
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
//        http.formLogin() // 通过formLogin 方法定制登录操作
//                .loginPage("/login") //定制登录页面的访问地址
//                .defaultSuccessUrl(".index") // 指定登录成功之后转向的页面
//                .failureUrl("/login?error") // 指定登录失败之后转向的页面
//                .permitAll()
//                .and()
//                .rememberMe() // 用于开启cookie存储用户的信息
//                .tokenValiditySeconds(60 * 60 * 24) // 设置cookie存储用户的时间
//                .key("myKey") // 设置cookie中的私密
//                .and()
//                .logout() // 开启注销的行为
//                .logoutUrl("/custom-logout") // 注销的时候的url路径
//                .logoutSuccessUrl("/logout-success") // 注销成功之后跳转的页面
//                .permitAll();
        http.authorizeRequests()
                .antMatchers("/css/**", "/js/**", "/images/**", "/webjars/**", "**/favicon.ico", "/index")
                .permitAll()
                .anyRequest().authenticated()
                .and()
                .rememberMe()
                .tokenValiditySeconds(60 * 60)
                .key("mykey")
                .rememberMeParameter("remember-me")
                .rememberMeCookieName("workspace")
                .and()
                .formLogin()
                .loginPage("/login")
//                .successHandler(new ForwardAuthenticationSuccessHandler("/"))
                .defaultSuccessUrl("/")
//                会去访问/login/error 的请求路径  ,如果是默认的/login?error 的路径 会默认有param 的属性
                .failureUrl("/login?error")
                .permitAll()
                .and()
                .logout()
                .permitAll();
//        用于关闭跨域
        http.csrf().disable();
    }

    /**
     * 用于授权
     *
     * @param auth
     * @throws Exception
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(customUserService()).passwordEncoder(new MyPasswordEncoder());
    }

}
